Fix TBROK on systems which does not have /var/log/messages
(any modern distro is using systemd) not auditd installed:
ima_violations 1 TBROK: log /var/log/messages does not exist (bug in detection?)
Instead TCONF with more meaningful message:
ima_violations 1 TCONF: log file not found, install auditd
Fixes: https://github.com/linux-test-project/ltp/issues/372
Signed-off-by: Petr Vorel <pvorel@xxxxxxx>
---
Hi Mimi, all,
or should we drop /var/log/messages support entirely? I remember some
old systems had problem (not sure if bug in old kernel or
/var/log/messages was not somehow reliable).
https://github.com/linux-test-project/ltp/issues/372
Kind regards,
Petr
.../kernel/security/integrity/ima/tests/ima_violations.sh | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
index 0f710dea2e..b2b597ad08 100755
--- a/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
+++ b/testcases/kernel/security/integrity/ima/tests/ima_violations.sh
@@ -23,8 +23,10 @@ setup()
PRINTK_RATE_LIMIT=`sysctl -n kernel.printk_ratelimit`
sysctl -wq kernel.printk_ratelimit=0
fi
- [ -f "$LOG" ] || \
- tst_brk TBROK "log $LOG does not exist (bug in detection?)"
+
+ if [ ! -e "$LOG" ]; then
+ tst_brk TCONF "log file not found, install auditd"
+ fi
tst_res TINFO "using log $LOG"
}
--
2.47.1
